<?php 
include 'config.php';
if (isset($_POST['cd']) ){
    $openid=$_POST['op'];
    $code=$_POST['cd'];
    $iv=$_POST['iv'];
    $encryptedData=$_POST['encryptedData'];
}else{
    exit;
}
 
$getSession = getSessionKey($code,$appId,$secret);
if (isset($getSession['errcode']) && '40163' == $getSession['errcode']){
    
    echo json_encode(array('msg'=>'404','errmsg'=>$getSession['errmsg'],'id'=>$getSession['errcode']));
    exit;
}
 
$getSessionKey=$getSession['session_key'];
 
$aesKey=base64_decode($getSessionKey);
$aesIV=base64_decode($iv);
$aesCipher=base64_decode($encryptedData);
$result=openssl_decrypt( $aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV);
 
$dataObj=json_decode( $result,ture);
if (isset($dataObj['phoneNumber'])){
    $phone=$dataObj['phoneNumber'];
    $mysqli = new mysqli($dbhost, $dbuser, $dbpwd, $dbName);
    if (!$mysqli->set_charset("utf8")) {
        
    }
    $query=$mysqli->query("SELECT id FROM uinfo where openid='".$openid."' limit 0,1 ");
    if($query->num_rows>0){
        $mysqli->query("update uinfo set phone='".$phone."' where openid='".$openid."'   ");
    }else{
        $mysqli->query("insert into uinfo(openid,phone,createtime) values('".$openid."','".$phone."','".date("Y-m-d H:i:s")."')  ");
        $mysqli->query("insert into uinfo_log(openid,phone,createtime) values('".$openid."','".$phone."','".date("Y-m-d H:i:s")."')  ");
    }
    echo json_encode(array('msg'=>'200'));
    exit;
}else {
    echo json_encode(array('msg'=>'300'));
    exit;
}
 
 


/**
 * @param $code
 * @return mixed
 * 获取用户的key
 */
function getSessionKey($code,$appId,$secret) {
    $url = "https://api.weixin.qq.com/sns/jscode2session?appid=".$appId."&secret=".$secret."&js_code=".$code."&grant_type=authorization_code";
    $res = httpRequest($url,'');
    $result = json_decode($res, true);
 
    return $result;
}

/**
 *CRUL 网络请求
 */
function httpRequest($url,$data){ // 模拟提交数据函数
    $curl = curl_init(); // 启动一个CURL会话
    curl_setopt($curl, CURLOPT_URL, $url);                         // 要访问的地址
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);          // 对认证证书来源的检查
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);          // 从证书中检查SSL加密算法是否存在
    curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']); // 模拟用户使用的浏览器
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);          // 使用自动跳转
    curl_setopt($curl, CURLOPT_AUTOREFERER, 1);             // 自动设置Referer
    curl_setopt($curl, CURLOPT_POST, 1);                    // 发送一个常规的Post请求
    curl_setopt($curl, CURLOPT_POSTFIELDS, $data);                 // Post提交的数据包
    curl_setopt($curl, CURLOPT_TIMEOUT, 30);                // 设置超时限制防止死循环
    curl_setopt($curl, CURLOPT_HEADER, 0);                  // 显示返回的Header区域内容
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);          // 获取的信息以文件流的形式返回
    $tmpInfo = curl_exec($curl); // 执行操作
    
    if (curl_errno($curl)) {
        echo 'Errno'.curl_error($curl);//捕抓异常
    }
    curl_close($curl); // 关闭CURL会话
    return $tmpInfo; // 返回数据
}